Ransomware Threats Increasingly Haunt Securities Companies

Key Points

• As many as 82 percent of BRI Danareksa Sekuritas customers now trade via online trading platforms, but this trend is accompanied by rising cybersecurity risks such as ransomware and unauthorized access.

• Customers have become the weakest and most vulnerable target, facing threats ranging from social engineering, malware, public WiFi exploitation, to fake applications.

• The securities industry must implement a 360° security approach, covering internal security, inter-institutional connections, and customer access.

Jakarta – The growth of digital transactions in Indonesia’s capital market continues to strengthen. BRI Danareksa Sekuritas recorded that an average of 82 percent of its customers now conduct transactions through digital online trading platforms, reflecting high adoption of technology in daily investment activities.

This surge not only shows a shift in customer behavior but also opens a new set of challenges in security. As digital activity increases, the risk of cyberattacks—particularly ransomware—has also become significantly higher and more real.

Fifi Virgantria, Director of PT BRI Danareksa Sekuritas, emphasized that security has now become the greatest business risk in the financial industry, including among securities companies.

“With the rising trend of digital financial transactions in the securities industry, the threats are also increasing. This becomes a challenge for all of us in the industry,” she stated at the seminar “When Security Becomes the Greatest Risk in Financial Industry,” held by Infobank Media Group together with FDS PAC Group and APEI at JS Luwansa Hotel, Kuningan, Jakarta, Thursday, 20 November 2025.

Customers: The Weakest Target, With the Biggest Impact

The financial industry is one of the most valuable targets for cybercriminals. Cyberattacks are no longer simple—they are now silent, automated, and persistent. As dependence on technology increases, customers have become one of the most vulnerable points.

Fifi explained that login access can be stolen through public WiFi, malware, and even data sold on the dark web. Investment applications are also at risk of being compromised through reverse engineering.

“Customers are now the most frequent targets. Social engineering, access theft, and even fake applications are genuinely happening,” she said.

Account compromise like this allows attackers to sell a victim’s high-value shares and transfer the proceeds to illiquid instruments already controlled by the attackers. The profits flow to the perpetrators, while customers bear the losses.

Fifi stressed that customer protection is now a must, requiring measures such as Multi-Factor Authentication (MFA), trusted device & secure channel, strong encryption, mobile app security monitoring, and continuous security education. Customer trust is the most valuable asset that must be protected.

Ransomware: An Attack That Can Paralyze the Industry

It is not only customers who face risks—institutions are also highly exposed. Fifi shared an example where a ransomware attack halted a securities company's transactions for several days, causing massive operational and financial losses.

In such cases, ransomware exploits internal weaknesses such as misconfiguration, shadow IT, and unsafe host-to-host connections between securities companies and banks. Attacks through these channels can even trigger illegal transfers and spread malware across institutions.

In a highly interconnected industry—spanning regulators, banks, vendors, and fintech—vulnerabilities in just one institution can trigger a domino effect across the entire capital market ecosystem.

Fifi emphasized that in the era of digital trading, the security paradigm must completely change. Security must be positioned as a business enabler, not an obstacle to innovation; as a risk reducer for operations and investment; as a trust builder for customers and regulators; and as a competitive advantage, especially for companies that rely on digital services.

Financial institutions must manage security as a strategic asset, not just a technical requirement—focusing on resilience, not merely compliance, and building a culture of security awareness from top management to the operational level.

Facing Emerging Threats Through a 360° Approach

On the securities company side, Fifi explained that strengthening security can no longer be done partially. She stated that securities companies must implement a 360° Security Protection approach that safeguards all connectivity points linked to the capital market industry.

“As securities companies, we are connected to many parties—banks, regulators, KSEI, KPEI, IDX, vendors, fintech. If one point is compromised, others can be affected. So the protection must be comprehensive,” Fifi said.

The 360° approach consists of three core layers:

1. Internal security, including SOC, SIEM, WAF, and attack surface monitoring;

2. Inter-institutional security, involving regulators, banks, and third parties;

3. Customer access security, which acts as the frontline defense.

Fifi stressed that security in the securities industry cannot be implemented halfway.

“Because our connectivity is like a network. If one point is weak, the rest can be impacted. Like it or not, we must secure all layers,” she said.

She also highlighted that threats often come not from the core systems, but from small, overlooked points.

“Sometimes we feel the system is secure, yet there are still many blind spots. And attacks today are subtle—slow, but they penetrate,” she concluded. (*)

Source: Nasabah Makin Digital, Ancaman Ransomware Kian Menghantui Perusahaan Sekuritas | Infobanknews